HomePhabricator

[wallet] Reopen CDBEnv after encryption instead of shutting down

Description

[wallet] Reopen CDBEnv after encryption instead of shutting down

Summary:

Shutting down the software was to prevent the BDB environment from
writing unencrypted private keys to disk in the database log files, as
was noted here. This PR replaces the shutdown behavior with a CDBEnv
flush, close, and reopen which achieves the same effect: everything is
cleanly flushed and closed, the log files are removed, and then the
environment reopened to continue normal operation.

To ensure that no unencrypted private keys are in the log files after
encrypting the wallet, I wrote this script to pull private keys from the
original wallet file and searches for these keys in the log files (note
that you will have to change your file paths to make it work on your own
machine).

As for concerns about private keys being written to slack space or being
kept in memory, these behaviors no longer exist after the original
wallet encryption PR and the shutting down solution from 2011.

Backport of core PR12493:
https://github.com/bitcoin/bitcoin/pull/12493/files

Test Plan:

ninja all check
./test/functional/test_runner.py wallet_*

Run bitcoin-qt and encrypt your wallet. Check the app is no longer restarting.

Reviewers: #bitcoin_abc, deadalnix

Reviewed By: #bitcoin_abc, deadalnix

Differential Revision: https://reviews.bitcoinabc.org/D4884

Details

Provenance
Andrew Chow <achow101-github@achow101.com>Authored on Feb 20 2018, 20:28
FabienCommitted on Jan 10 2020, 21:03
FabienPushed on Jan 10 2020, 21:16
Reviewer
Restricted Project
Differential Revision
D4884: [wallet] Reopen CDBEnv after encryption instead of shutting down
Parents
rSTAGING1960118f3dd3: Make ECM error message more helpful
Branches
Unknown
Tags
Unknown